Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
File: 3baab427-eefb-4e67-b18e-83fac7ff77ea.roa (raw, json)
Hash identifier: 6cSIwRr/GVOius42WpYEuICxHt0Cyo8P9RXxuTyFf1o=
Subject key identifier: FC:19:5D:5B:B5:56:18:64:B2:CF:8D:89:04:F5:DB:E1:71:45:95:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 51063A66D7AAA03386B69B55F711EDF368BF2FC4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
Signing time: Mon 11 Sep 2023 00:00:00 +0000
ROA not before: Mon 11 Sep 2023 00:00:00 +0000
ROA not after: Mon 16 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Sep 2023 14:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:06:3a:66:d7:aa:a0:33:86:b6:9b:55:f7:11:ed:f3:68:bf:2f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 11 00:00:00 2023 GMT
Not After : Oct 16 23:59:59 2023 GMT
Subject: serialNumber=93a27d703b17559c7c9f8131a8672d0d82427cf658f31aecfa2b2bede915999c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4a:72:ae:b9:ef:d2:e3:9b:c7:d0:d1:a7:f6:
5f:66:5d:d8:cd:dc:33:33:28:13:b9:2b:ec:33:69:
7d:39:d9:88:5f:d8:42:90:30:3d:b9:34:32:c3:16:
eb:77:2a:d9:7b:fa:6b:61:bf:bf:b3:89:42:bb:15:
95:b7:c6:ce:5f:53:4e:2a:75:ae:6e:3f:20:23:f2:
7d:f8:00:a4:76:aa:a6:73:74:1b:ee:12:4c:eb:9f:
a5:eb:85:e8:58:f3:ba:15:8c:21:bd:be:68:0f:15:
11:35:9c:b4:a7:77:40:b1:8f:e9:2b:38:33:32:db:
aa:28:42:c9:d6:a1:38:82:fc:c1:aa:32:33:be:3b:
38:5d:2d:d1:e0:ad:61:f1:4e:2e:0f:39:0b:c3:c3:
90:b9:88:a6:64:45:0e:43:eb:04:86:bf:dd:d9:64:
d4:fe:20:77:fb:ac:90:41:45:e8:3b:eb:99:42:de:
34:a6:74:e7:b5:50:de:31:3e:b4:64:b6:10:21:ae:
a7:e8:64:b6:91:60:52:b1:ba:36:0c:b0:81:8b:59:
33:f4:20:fd:9e:a7:ed:fb:d8:60:5f:a3:47:23:b2:
b6:00:94:a5:72:eb:2c:ff:2d:7a:15:88:33:aa:03:
68:23:6e:c9:10:84:91:97:45:d1:d1:00:9c:9d:a2:
eb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:19:5D:5B:B5:56:18:64:B2:CF:8D:89:04:F5:DB:E1:71:45:95:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3baab427-eefb-4e67-b18e-83fac7ff77ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:8000::/40
Signature Algorithm: sha256WithRSAEncryption
54:51:ad:b6:02:b5:ff:55:09:4a:33:1d:51:c7:0e:3b:b4:86:
3c:71:2a:ee:3f:1e:b1:04:5f:97:cf:e9:e2:1f:ac:4a:77:a7:
d1:7b:39:30:89:00:c1:45:38:e0:ea:80:56:37:ee:d9:ea:6d:
63:21:b2:7d:8c:e5:86:2e:02:a4:1a:fb:66:7a:37:de:07:6b:
3a:8b:a8:7d:e0:20:7d:5a:63:83:2c:31:1c:d3:b8:95:b4:8d:
ce:3e:fc:45:e3:24:a8:cb:32:4e:37:22:13:fb:af:b4:31:a3:
8b:c9:0b:be:d8:08:5a:8b:3e:8d:6b:a7:cd:47:37:5f:14:8c:
05:ae:a6:8c:63:5e:4c:99:7d:20:1f:c7:77:df:7f:1c:d8:69:
b3:37:00:1d:c4:44:87:3e:cb:a9:85:de:c8:64:2a:20:db:73:
1a:6d:d4:08:61:10:4b:34:fd:cd:8e:ad:59:eb:bc:7f:66:c2:
88:f3:8e:9b:c4:78:c4:15:64:b5:06:cd:f9:d5:16:69:24:4f:
bc:55:82:34:ff:f4:f4:e1:22:75:44:fa:98:7d:21:bf:5c:b8:
82:34:28:27:ba:66:02:ab:13:3a:ad:4e:06:e9:5f:e3:f9:7a:
bc:46:8c:4a:19:46:f3:e1:2d:a9:07:7e:34:cc:34:b1:54:2a:
a9:1a:d9:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUQY6ZteqoDOGtptV9xHt82i/L8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yMzA5MTEwMDAwMDBaFw0yMzEwMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzYTI3ZDcwM2IxNzU1OWM3YzlmODEzMWE4NjcyZDBkODI0MjdjZjY1OGYz
MWFlY2ZhMmIyYmVkZTkxNTk5OWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1Kcq6579Ljm8fQ0af2X2Zd2M3cMzMoE7kr7DNpfTnZiF/YQpAwPbk0MsMW
63cq2Xv6a2G/v7OJQrsVlbfGzl9TTip1rm4/ICPyffgApHaqpnN0G+4STOufpeuF
6FjzuhWMIb2+aA8VETWctKd3QLGP6Ss4MzLbqihCydahOIL8waoyM747OF0t0eCt
YfFOLg85C8PDkLmIpmRFDkPrBIa/3dlk1P4gd/uskEFF6DvrmULeNKZ057VQ3jE+
tGS2ECGup+hktpFgUrG6NgywgYtZM/Qg/Z6n7fvYYF+jRyOytgCUpXLrLP8tehWI
M6oDaCNuyRCEkZdF0dEAnJ2i65MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8GV1b
tVYYZLLPjYkE9dvhcUWVuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2JhYWI0MjctZWVmYi00ZTY3LWIxOGUtODNmYWM3ZmY3N2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBUUa22ArX/VQlKMx1Rxw47tIY8cSruPx6xBF+X
z+niH6xKd6fRezkwiQDBRTjg6oBWN+7Z6m1jIbJ9jOWGLgKkGvtmejfeB2s6i6h9
4CB9WmODLDEc07iVtI3OPvxF4ySoyzJONyIT+6+0MaOLyQu+2Ahaiz6Na6fNRzdf
FIwFrqaMY15MmX0gH8d3338c2GmzNwAdxESHPsuphd7IZCog23MabdQIYRBLNP3N
jq1Z67x/ZsKI846bxHjEFWS1Bs351RZpJE+8VYI0//T04SJ1RPqYfSG/XLiCNCgn
umYCqxM6rU4G6V/j+Xq8RoxKGUbz4S2pB340zDSxVCqpGtkd
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:40:26 2023 by rpki-client on console-ams.rpki-client.org